Category Archives: National Audit Office

Royal London, a Capita investor, said yesterday it has been “raising concerns about Capita’s weak governance with the firm for a number of years, and voting against many resolutions on director re-elections and pay consistently since 2014.”

Royal London is the UK’s largest mutual life, pensions and investment company. It managed £113bn of funds as of 31 December 2017. It owns a 0.44% stake in Capita.

Ashley Hamilton Claxton, Royal London Asset Mananagement’s Head of Responsible Investment, said in a statement,

“We welcome the honesty and transparency with which Capita’s new CEO has accepted the company’s past failings, and put a plan in place to simplify and improve the business. However, we believe this was preventable and have been privately raising concerns about Capita’s weak governance with the firm for a number of years, and voting against many resolutions on director re-elections and pay consistently since 2014.

“Until recently, Capita’s board flouted one of the basic rules of the corporate governance code, with a small board primarily comprised of management insiders. The result was a board that lacked the independent spirit to rigorously assess whether the company was making the right long-term decisions.

“Our concerns about governance were compounded by the complexity of the underlying business and the company’s acquisition strategy. Capita’s approach to remuneration also left something to be desired, with major losses in 2013 being excluded from the profit figures used to assess the bonuses paid to executives at the firm.

“The sea change in the board over the past 18 months has been welcome and has addressed the key issue of independence. It will be up to the new Chairman and the Board to ensure that Capita does not repeat the mistakes of the past, and that its strategy is fit for purpose during a particularly turbulent time for the outsourcing sector.”

Last week Capita issued a profits warning and announced plans to raise £700m from investors to reduce debts.

With Capita seeking to raise money and cut costs, where will this leave local government customers that are reliant on the supplier to cut the costs of running local services?

Barnet Council has, controversially, contracted out a large chunk of its services to Capita – and also gives the company tens of millions in advance payments in return for a discount on the supplier’s fees.

By becoming a “commissioning council”, Barnet has made itself wholly reliant on Capita, say critics of the outsourcing deal. Among other responsibilities, Capita produced the council’s latest annual accounts – including a financial account of its own services to the council. The accounts were not produced on time which created extra chargeable work for the council’s auditors BDO.

Capita has run into problems on a number of its major outsourcing deals. The National Audit Office is investigating its work on GP support services.

Councillor Barry Rawlings, leader of the Labour group in Barnet, said the profits warning and Capita’s low share price raised questions about how it may respond to further troubles.

“Capita handles all of the back office, enforcement, planning, environmental health, trading standards, estates, payroll and so on. Will that be part of their core services? We might be one of the only places they do some things. If they narrow their scope, what is going to happen to these services?

Conservative leader of Barnet council, Councillor Richard Cornelius, said, “Capita currently runs approximately 10 per cent of our services by value. They do not run the entire council as some reports have suggested.

“The council regularly reviews the financial status of its major suppliers as part of its contract management and contingency planning arrangements. This is what any responsible local authority would do.”

Capita’s share price has more than halved in the last month – from about 400p to a low on 1 February 2018 of 158p – but today rose by about 10% to 196.

Comment

When an outsourcing giant is looking to cut its costs and raise money to cover debts, how does that square with local government customers that also want to cut costs – which is why they outsourced to Capita?

Outsourcing can make good sense – when for example a global company like BP wants to standardise IT services across the world. It doesn’t always make sense when an organisation wants a service transformation while also cutting costs. Something usually has to give which, perhaps, Barnet Council and its taxpayers are slowly finding out.

Today’s Financial Times and other newspapers cover a National Audit Office report into GP clinical notes and correspondence, some of it urgent, that was not directed to the patient’s GP.

The correspondence was archived by Capita under its contract to provide GP support services. But patient notes were still “live”. They included patient invitation letters, treatment/diagnosis notes, test results and documents/referrals marked ‘urgent’.

What isn’t well reported is that ministers were left in the dark about the problems for more than a year. The National Audit Office does not blame anyone – its remit does not include questioning policy decisions – but its report is impressive in setting out of the facts.

Before NHS England outsourced GP support services to Capita in 2015, GPs practices sent correspondence for patients that were not registered at their practice to local primary care services centres, which would attempt to redirect the mail.

By the time Capita took over GP support services on 1 September 2015, GPs were supposed to “return to sender” any correspondence that was sent to them incorrectly – and not send it to primary care services centres that were now run, in part, by Capita.

But some GPs continued to send incorrectly-addressed correspondence to the primary care services centres. Capita’s contract did not require it to redirect clinical correspondence.

An unknown number of GP practices continued to send mail to the centres, expecting the centre’s staff to redirect it. A further complication was that Capita had “transformation” plans to cut costs by closing the primary care services support centres.

Capita made an inventory of all records at each site and shared this with NHS England. The inventories made reference to ‘clinical notes’ but at this point no one identified these notes as live clinical correspondence. Capita stored the correspondence in its archive.

In line with its contract, Capita did not forward the mail. It was not until May 2016 – eight months after Capita took over the primary care services centres – that Capita told a member of NHS England’s primary care support team that there was a problem with an unquantified accumulation of clinical notes.

It was a further five months before Capita formally reported the incident to NHS England. At that time Capita estimated that there was an accumulation of hundreds of thousands of clinical notes. When the National Audit Office questioned Capita on the matter, it replied that, with hindsight, it believes it could have reported the backlog sooner.

In November 2016, Capita and NHS England carried out initial checks on the reported backlog of 580,000 clinical notes. It wasn’t until December 2016 that ministers were informed of problems – more than a year after Capita took over the contract.

Even in December 2016 ministers were not fully informed. Information about a backlog of live clinical notes was within in a number of items in the quarterly ministerial reports. NHS England did not report the matter to the Department of Health until April 2017 – about two years after the problems began.

Even then, officials told ministers that clinical notes had been sampled and were considered “low clinical and patient risk”. But a later study by NHS England’s National Incident Team identified a backlog of 1,811 high priority patient notes such as documents deemed to be related to screening or urgent test results.

The National Audit Office says, “NHS England expects to know by March 2018 whether there has been any harm to patients as a result of the delay in redirecting correspondence. NHS England will investigate further where GPs have identified that there could be potential harm to patients. The review will be led by NHS England’s national clinical directors, with consultant level input where required.”

Last month Richard Vautrey, chairman of British Medical Association’s General Practitioners Committee, wrote to the NHS Chief Executive Simon Stevens criticising a lack of substantial improvement on Capita’s contract to run primary care service centres.

In December, the GP Committee surveyed practices and individual GPs on the Capita contract. The results showed a little improvement across all service lines, when compared to its previous survey in October 2016, but a “significant deterioration” in some services. Vautrey’s letter said,

“While any new organisation takes time to take over services effectively, the situation has gone from bad to worse since Capita took over the PCSE [Primary Care Support England] service almost two and a half years ago …

“This situation is completely unacceptable. As a result of the lack of improvement in the service delivery of PCSE we are now left with no option but to support practices and individual doctors in taking legal routes to seek resolution. While this is taking place, we believe it is imperative that NHS England conducts a transparent and comprehensive review of all policy, procedures and processes used by PCSE across each service line.”

Comment:

It’ll be clear to some who read the NAO report that the problems with urgent patient notes going astray or being put mistakenly into storage, stems from NHS England’s decision to outsource a complex range of GP support services without fully considering – or caring about – what could go wrong.

It’s not yet known if patients have come to harm. It’s clear, though, that patients have been caught in the middle of a major administrative blunder that has complex causes and for which nobody in particular can be held responsible.

That ministers learned of a major failure on a public sector outsourcing deal over a year after live patient notes began to be archived is not surprising.

About four million civil and public servants have strict rules governing confidentiality. There are no requirements for civil and public service openness except when it comes to the Freedom of Information Act which many officials can – and do – easily circumvent.

Even today, the fourth year of Capita’s contract to run GP support services, the implications for patients of what has gone wrong are not yet fully known or understood.

It’s a familiar story: a public sector blunder for which nobody will take responsibility, for which nobody in particular seems to care about, and for which the preoccupation of officialdom will be to continue playing down the implications or not say anything at all.

Why would they be open when there is no effective requirement for it? It’s a truism that serious problems cannot be fixed until they are admitted. In the public sector, serious problems on large IT-related contracts are not usually fixed until the seriousness of the problems can no longer be denied.

For hundreds of years UK governments have struggled to reconcile a theoretical desire for openness with an instinctive and institutional need to hide mistakes. Nothing is likely to change now.

This Computer Weekly article in 1994 was about the much-delayed customs system CHIEF. Will its CDS replacement that’s being built for the post-Brexit customs regime also be delayed by years?

The Financial Times reported this week that UK companies are nervous over a deadline next year for the introduction of a new customs system three months before Brexit.

HMRC’s existing customs system CHIEF (Customs Handling of Import Export Freight) copes well with about 100 million transactions a year. It’s expected a £157m replacement system using software from IBM and European Dynamics will have to handle about 255 million transactions and with many more complexities and interdependencies than the existing system.

If the new system fails post-Brexit and CHIEF cannot be adapted to cope, it could be disastrous for companies that import and export freight. A post-Brexit failure could also have a serious impact on the UK economy and the collection of billions of pounds in VAT, according to the National Audit Office.

I told the FT of my concern that officials will, at times, tell ministers what they want to hear. Only a fully independent review of the new customs system (as opposed to a comfortable internal review conducted by the Infrastructure and Projects Authority) would stand a chance of revealing whether the new customs system was likely to work on time and whether smaller and medium-sized companies handling freight had been adequately consulted and would be able to integrate the new system into their own technology.

The National Audit Office reported last year that HMRC has a well-established forum for engaging with some stakeholders but has

“significant gaps in its knowledge of important groups. In particular it needs to know more about the number and needs of the smaller and less established traders who might be affected by the customs changes for the first time”.

The National Audit Office said that the new system will need to cope with 180,000 new traders who will use the system for the first time after Brexit, in addition to the 141,000 traders who currently make customs declarations for trade outside the EU.

The introduction in 1994 of CHIEF was labelled a disaster at the time by some traders, in part because it was designed and developed without their close involvement. CHIEF was eventually accepted and is now much liked – though it’s 24 years old.

Involve end-users – or risk failure

Lack of involvement of prospective end-users is a common factor in government IT disasters. It happened on the Universal Credit IT programme, which turned out to be a failure in its early years, and on the £10bn National Programme for IT which was dismantled in 2010. Billions of pounds were wasted.

The FT quoted me as saying that the chances of the new customs system CDS [Customs Declaration Service) doing all the things that traders need it to do from day one are almost nil.

The FT quotes one trader as saying,

“HMRC is introducing a massive new programme at what is already a critical time. It would be a complex undertaking at the best of times but proceeding with it at this very moment feels like a high stakes gamble.”

HMRC has been preparing to replace CHIEF with CDS since 2013. Its civil servants say that the use of the SAFe agile methodology when combined with the skills and capabilities of its staff mean that programme risks and issues will be effectively managed.

But, like other government departments, HMRC does not publish its reports on the state of major IT-related projects and programmes. One risk, then, is that ministers may not know the full truth until a disaster is imminent.

In the meantime ministerial confidence is likely to remain high.

Learning from past mistakes?

HMRC has a mixed record on learning from past failures of big government IT-based projects. Taking some of the lessons from “Crash”, these are the best things about the new customs project:

It’s designed to be simple to use – a rarity for a government IT system. Last year HMRC reduced the number of system features it plans to implement from 968 to 519. It considered that there were many duplicated and redundant features listed in its programme backlog.

The SAFe agile methodology HMRC is using is supposed to help organisations implement large-scale, business-critical systems in the shortest possible time.

HMRC is directly managing the technical development and is carrying out this work using its own resources, independent contractors and the resources of its government technology company, RCDTS. Last year it had about 200 people working on the IT programme.

These are the potentially bad things:

It’s not HMRC’s fault but it doesn’t know how much work is going to be involved because talks over the post-Brexit customs regime are ongoing.

It’s accepted in IT project management that a big bang go-live is not a good idea. The new Customs Declaration Service is due to go live in January 2019, three months before Britain is due to leave the EU. CHIEF system was commissioned from BT in 1989 and its scheduled go-live was delayed by two years. Could CDS be delayed by two years as well? In pre-live trials CHIEF rejected hundreds of test customs declarations for no obvious reason.

The new service will use, at its core, commercially available software (from IBM) to manage customs declarations and software (from European Dynamics) to calculate tariffs. The use of software packages is a good idea – but not if they need large-scale modification. Tampering with proven packages is a much riskier strategy than developing software from scratch. The new system will need to integrate with other HMRC systems and a range of third-party systems. It will need to provide information to 85 systems across 26 other government bodies.

If a software package works well in another country it almost certainly won’t work when deployed by the UK government. Core software in the new system uses a customs declaration management component that works well in the Netherlands but is not integrated with other systems, as it would be required to do in HMRC, and handles only 14 million declarations each year.

The IBM component has been tested in laboratory conditions to cope with 180 million declarations, but the UK may need to process 255 million declarations each year.

Testing software in laboratory conditions will give you little idea of whether it will work in the field. This was one of the costly lessons from the NHS IT programme NPfIT.

The National Audit Office said in a report last year that HMRC’s contingency plans were under-developed and that there were “significant gaps in staff resources”.

Comment

HMRC has an impressive new CIO Jackie Wright but whether she will have the freedom to work within Whitehall’s restrictive practices is uncertain. It seems that the more talented the CIO the more they’re made to feel like outsiders by senior civil servants who haven’t worked in the private sector. It’s a pity that some of the best CIOs don’t usually last long in Whitehall.

Meanwhile HMRC’s top civil servants and IT specialists seem to be confident that CDS, the new customs system, will work on time. Their confidence is not reassuring. Ministers and civil servants publicly and repeatedly expressed confidence that Universal Credit would be fully rolled by the end of 2017. Now it’s running five years late. The NHS IT programme NPfIT was to have been rolled out by 2015. By 2010 it was dismantled as hopeless.

With some important exceptions, Whitehall’s track record on IT-related projects is poor – and that’s when what is needed is known. Brexit is still being negotiated. How can anyone build a new bridge when you’re not sure how long it’ll need to be and what the many and varied external stresses will be?

If the new or existing systems cannot cope with customs declarations after Brexit it may not be the fault of HMRC. But that’ll be little comfort for the hundreds of thousands of traders whose businesses rely, in part, on a speedy and efficient customs service.

Orwell made no mention of goodnewspeak. But maybe today it’s an increasingly popular descendant of Newspeak – a language devised by Orwell to show how the State could use words and phrases to limit thought.

This week, as a statue of Orwell was unveiled outside the BBC, a local council in Sussex made an announcement that was a fine example of goodnewspeak.

This was Horsham District Council’s way of not saying that it was scrapping weekly rubbish collections.

This was the benign side of goodnewspeak. The dark side is a growing acceptance in Whitehall, local authorities and the wider public sector that nothing negative can be thought of let alone expressed at work.

This suppression of negative thoughts means that the rollout of Universal Credit can be said officially to be going well and can be speeded up despite the clamour from outsiders, including a former Prime Minister (John Major), for a rethink to consider the problems and delays.

[Labour MP Frank Field said last month that the DWP was withholding bad news on Universal Credit.]

It means that the Department for Business, Energy and Industrial Strategy can continue to praise all aspects of its smart meters rollout while its officials keep silent on the fact that the obsolescent smart meters now being installed do not work properly when the householder switches supplier.

It means that council employees can think only good about their major IT suppliers – and trust them with the council’s finances as at Barnet council.

[Nobody at Barnet council has pointed out the potential for a conflict of interest in having outsourcing supplier Capita reporting on the council’s finances while having a financial interest in those finances. It took a local blogger Mr Reasonable to make the point.]

Goodnewspeak can also mean that public servants do their best, within the law, to avoid outside scrutiny that could otherwise lead to criticism, as at Lambeth council.

Last month Private Eye reported the results of a “People’s Audit” in which local residents asked questions and scrutinised the authority’s accounts. The audit found that:

– The number of managers earning between £50,000 and £150,000 has increased by 88, at a cost of more than £5.5m year.
-Spending on Lambeth’s new town hall has gone from a projected £50m to £140m.
– The council “invested” a total of £57,000 on its public libraries last year – closing three of them – while spending £13m on corporate office accommodation.
-£10.3m was spent making people redundant.

These disclosures (and there are many more of them) raise the question of what Lambeth is doing to dispel the impression that it manages public money badly and that its decisions could be routine in the world of local authorities.

Lambeth council’s reaction to the audit was to denounce it and issue its own goodnewspeak statement; and it is considering a proposal to lobby the government to allow councils to ban such People’s Audits in future.

The following lists of announcements on the websites of the Department for Work and Pensions and the Department of Transport are examples of how goodnewspeak manifests itself in Whitehall:

And the Department of Transport’s website:

Ministry of Truth

Orwell wrote in Nineteen Eighty-Four of the Ministry of Truth whose expertise was lying, the Ministry of Peace which organised wars and the Ministry of Plenty which rationed food.

Some of the Party’s slogans were:

War is peace.
Freedom is slavery.
Ignorance is strength.

And Orwell, whose wife worked at the Ministry of Information at Senate House, London (Orwell’s model for the Ministry of Truth) said,

“If you want to keep a secret, you must also hide it from yourself.”

Comment

Of course goodnewspeak doesn’t exist as a policy anywhere. But its practice is all-pervasive in the public sector. And it seems to change the way people think when they’re at work.

It blocks out any view other than the official line.

In Nineteen Eight-four, Orwell created “Newspeak” as a language of the Party to coerce the public to shape their thoughts around the State’s beliefs. Its much-reduced vocabulary stopped people conceiving of any other point of view.

Not using Newspeak was a thoughtcrime. The Party advocated Duckspeak – to speak without thinking – literally quack like a duck.

Has this already happened in a minor way at Barnet? A council document on the benefits of its outsourcing policies was peppered with abstractions that could have been constructed by software-driven random-phrase generators:

“Ahead of the game”
“Top to bottom organisational restructure”
“Flexibility to meet future challenges whilst ensuring we provide excellent services to residents today.”
“Root of our success”
“New solutions to complex problems”
“Pioneering partnerships”
“Investing for the future”
“Protect what makes Barnet such a great place to live”
“Increasing resident satisfaction”
“Paying dividends”
“Prepared for the future”
“Great strides”
“A radical, ‘whole place’ approach to designing and providing services”
“We have not been backwards in coming forwards”
“Pursuing alternatives to the norm”
“Vision into reality”
“Frame our future strategic direction”
“Future Shape”
“Drivers for change”
“Genuine innovation in Local Government”
“Bold in its decision making”
“Forward looking change strategy”
“A new relationship with citizens”
“A one public sector approach”
“A relentless drive for efficiency”
“Focus on stimulating the market”
“Best in class’ range of tradable services to win and deliver work for other authorities.”
‘Form follows function’.
“Clear roles and responsibilities”
“An internal escalation model”
“Renewed focus on improving engagement”
“Increasing transparency, and developing trust”
“Connect with people and build relationships of trust”
“A steep demand line to climb”

Dark side

One worrying consequence is that Whitehall civil servants and public servants and ruling councillors at, say Barnet and Somerset councils (and even at Cornwall), made the assumption that their IT suppliers shared the public sector’s goodnewspeak philosophy.

But suppliers are commercially savvy. They don’t exist purely to serve the public. They have to make a profit or they risk insolvency.

For years, goodnewspeak at Somerset County Council led to officers and councillors regularly praising the successes of a joint venture with IBM while covering up the problems and losses, in part by routine refusals of FOI requests.

Goodnewspeak at Liverpool Council meant that its officials had nothing but praise for BT when they ended a joint venture in 2015. They said that ending the joint venture would save £30m. But the joint venture itself was supposed to have saved tens of millions.

Somerset County Council made a similar good news announcement when it terminated its joint venture Southwest One with IBM.

Such announcements are consistent with Newspeak’s “Doublethink” – the act of simultaneously accepting two mutually contradictory beliefs as correct.

DWP

Outsiders can find goodnewspeak shocking. The Daily Mirror reported on how the DWP celebrated the rollout of Universal Credit at Hove, Sussex, with a cake. Were managers mindful of the fact that some failed UC claimants have been driven to the brink of suicide?

Disillusioned

Francis Maude, when minister for the Cabinet Office, was almost universally disliked in the civil service. He was an outsider who did not accept the Whitehall culture. Even though he believed the UK had the best civil service in the world, he did not always show it.

He tried to reduce Whitehall spending on IT projects and programmes that could not be justified. He spoke an IT supplier oligopoly.

Now he has left government, most of his civil service reforms (apart from the Government Digital Service) have settled back to how they were before he arrived in 2010.

In a speech last month, Maude spoke of a “distressing” disillusionment with the civil service culture. He said:

“Based on my experience as a Minister in the eighties and early nineties my expectations (of the civil service) were high. And the disillusionment was steep and distressing.

“It remains my view that we have some of the very best civil servants in the world … But the Civil Service as an institution is deeply flawed, and in urgent need of radical reform.

” And it is civil servants themselves, especially the younger ones, who are most frustrated by the Service and its culture and practices.”

World’s best civil service

He added that, as the new minister responsible for the civil service, every draft speech or article presented to him started: ‘The British Civil Service is the best in the world.’

But complaints by ministers in all parties about the lack of institutional capability, inefficiency and failed implementation were legion, he said.

“When we queried the evidential basis for this assertion, it turned out that the only relevant assessment was a World Bank ranking for ‘government effectiveness’, in which the UK ranked number 16.”

Speaking the unsaid

Perhaps more than any former minister, Maude has expertly summarised the civil service culture but in a way that suggests it’s unredeemable.

“I and others have observed that all too often the first reaction of the Civil Service when something wrong is discovered is either to cover it up or to find a scapegoat, often someone who is not a career civil servant and who is considered dispensable.

“There seems to be an absolute determination to avoid any evidence that the permanent Civil Service is capable of failure.

“Another indicator is that if a Minister decides that a Civil Service leader is not equipped for his or her task, this has to be dressed up as “a breakdown in the relationship”, with the unspoken suggestion that this is at least as much the fault of the Minister as of the civil servant.

“It can never be admitted that the mandarin was inadequate in any way.

“When I suggested that there might be room for improvement, the distinguished former Civil Service Head, Lord Butler, accused me of a failure of leadership. Actually the leadership failure is to pretend that all is well when no one, even civil servants themselves, really believes that.

The good news

All is not lost – thanks to a vibrant and investigative local press in some areas and resident auditors such as Mr Reasonable, Mrs Angry, David Orr, Andrew Rowson and the people’s auditors in Lambeth.

Along with the National Audit Office and some MPs, these resident auditors are the only effective check on goodnewspeak. They are reminder to complacent officialdom that it cannot always hide behind its barrier of unaccountability.

Long may these dogged protectors of the public interest continue to highlight financial mismanagement, excess and self-indulgent,wasteful decisions.

A government-commissioned review yesterday backed a Bill that could, if enacted and applied to Whitehall generally, prevent billions of pounds being lost on wasteful projects.

The Public Authority Accountability Bill – known informally as the Hillsborough Law – would establish an offence of intentionally or recklessly misleading the public, media or court proceedings.

It would also impose a legal requirement on public authorities to act with candour, transparency and frankness when things go wrong.

Although the Bill was a reaction, in part, to the cover up by public authorities of their failings in the light of Hillsborough, it could, if enacted, deter public authorities from covering up failings generally – including on major IT programmes.

For decades public authorities have had the freedom – unrestricted by any legislation – to cover up failures and issue misleading statements to the public, Parliament and the media.

In the IT sphere, early problems with the Universal Credit IT programme were kept secret and misleadingly positive statements issued. The National Audit Office later criticised a “good news” culture on the Universal Credit programme.

And still the DWP is fighting to block the disclosure of five project assessment reviews that were carried out on the Universal Credit IT programme between 2012 and 2015.

It could be argued that billions of pounds lost on the NPfIT – the National Programme for IT in the NHS – would have been avoided if the Department of Health had been open and candid at the start of the programme about the programme’s impractically ambitious aims, timescales and budgets.

The Department for Business, Energy and Industrial Strategy is currently keeping secret its progress reports on the £111bn smart meters rollout – which independent experts have said is a failing programme. The department routinely issues positive statements to the media on the robust state of the programme.

The Public Authority Accountability Bill was drafted by lawyers who had been involved with representing bereaved Hillsborough families. It is aimed mainly at government inquiries, court proceedings and investigations into lapses of public services.

But it would also enshrine into law a duty on public authorities, public servants, officials and others to act within their powers with “transparency, candour and frankness”.

Lawyers who drafted the Bill refer on their website to “institutional defensiveness and a culture of denial” when things go wrong. They say,

“In 2017 we expect public authorities and individuals acting as public servants to be truthful and act with candour. Unfortunately, repeated examples have shown us that this is not generally the case.

“Instead of acting in the public interest by telling the truth, public authorities have tended to according to narrow organisational and individual motives by trying to cover up faults and deny responsibility …”

Backing for the Bill came yesterday from a 117-page report on the Hillsborough disaster by Bishop James Jones. The government commissioned him to produce a report on the experiences of the Hillsborough families so that their “perspective is not lost”.

Jones’ impressive report refers to institutions that “closed ranks, refused to disclose information, used public money to defend its interests and acted in a way that was both intimidating and oppressive”

His report refers to public bodies in general when it points to a “cultural condition” and “mindset” that features an “instinctive prioritisation of the reputation of an organisation over the citizen’s right to expect people to be held to account for their actions”. This, says the report, “represents a barrier to real accountability”.

It adds,

“As a cultural condition, this mindset is not automatically changed, still less dislodged, by changes in policies or processes. What is needed is a change in attitude, culture, heart and mind.”

The report urges leaders of “all public bodies” to make a commitment to cultural change by publicly signing a new charter.

The charter commits public bodies to:

Place the public interest above its own reputation.

Approach forms of scrutiny with candour, in an open, honest and transparent way, making full disclosure of relevant documents, material and facts.

Learn from the findings of external scrutiny and from past mistakes.

Avoid seeking to defend the indefensible or to dismiss or disparage those who may have suffered where the organisation has fallen short.

When falling short, apologise straightforwardly and genuinely.

Not knowingly mislead the public or the media.

The report says that institutional defensiveness and a culture of denial are “endemic amongst public institutions as has been demonstrated not only by the Hillsborough cover up but countless other examples.”

Stuart Hamilton, son of Roy Hamilton who died at Hillsborough, is quoted in the report as saying,

“Police, officials and civil servants should have a duty of revealing the full facts and not merely selecting some truths to reveal but not others. Not lying or not misleading is simply not good enough. Without this, future disasters cannot be averted and appropriate policies and procedures cannot be developed to protect society.

“Such selective revealing of information also results in the delay of justice to the point where it cannot be served”.

He added,

“I believe that without a change not only in the law but also in the mindset of the public authorities (which a law can encourage) then very little exists to stop the post-event actions happening again.”

IT-enabled projects

Whitehall departments and the Infrastructure and Projects Authority publish their own narratives on the progress on major IT-enabled projects and programmes such as Universal Credit and smart meters.

But their source reports aren’t published.

Early disclosure of failings could have prevented hundreds of millions of pounds being lost on FireControl project, BBC’s Digital Media Initiative, the Home Office Raytheon e-borders and C-Nomis national offender management information projects and the Rural Payments Agency’s CAP delivery programme (which, alone, contributed to EU penalties of about £600m).

Comment:

Yesterday’s beautifully-crafted report into the Hillsborough disaster – entitled “The patronising disposition of unaccountable power” – is published on the Gov.uk website.

It has nothing to do with IT-enabled projects and programmes. But, in an unintentional way, it sums up a public sector culture that has afflicted nearly every Whitehall IT-based project failure in the last 25 years.

A culture of denial is not merely prevalent today; it is pervasive. All Whitehall departments keep quiet about reports on their failings. It is “normal” for departments to issue misleadingly positive statements to the media about progress on their programmes.

The statements are not lies. They deploy facts selectively, in a way that covers up failings. That’s the Whitehall culture. That’s what departments are expected to do.

According to Bishop Jones’ Hillsborough report, one senior policeman told bereaved families that he was not obliged to reveal the contents of his reports. He could bury them in his garden if he wished.

It’s the same with government departments. There is no legal duty to keep programme reports, still less any requirement to publish them.

If Bishop Jones’ charter is signed by leaders of public authorities including government departments, and Andy Burnham’s Bill becomes law, the requirement for candour and transparency could mean that IT programme progress reports are made available routinely.

If this happened – a big if – senior public officials would have to think twice before risking billions of pounds on a scheme that held out the prospect of being fun to work on but which they knew had little chance of success within the proposed timescales, scope and budget.

It’s largely because of in-built secrecy that the impossibly impractical NPfIT was allowed to get underway. Billions of pounds was wasted.

Some may say that the last thing ministers and their permanent secretaries will want is the public, media and MPs being able to scrutinise what is really happening on, say, a new customs IT project to handle imports and exports after Brexit.

But the anger over the poor behaviour of public authorities after Hillsborough means that the Bill has an outside chance of eventually becoming law. Meanwhile public sector leaders could seriously consider signing Jones’ charter.

John Stuart Mill wrote in 1859 (On Liberty and The Subjection of Women) that the “only stimulus which can keep the ability of the [public] body itself up to a high standard is liability to the watchful criticism of equal ability outside the body”.

But MPs on the work and pensions committee, particularly its chairman Frank Field, are sensitive to the DWP’s “good news” culture.

Field is reported to have said he suspected that ministers had only pressed ahead with the accelerated rollout of universal credit this month because civil servants at the Department for Work and Pensions had withheld the true scale of the problems.

Field said:

“Given everything we have heard, I was surprised that David Gauke opted to proceed with the accelerated rollout.

“I strongly suspect his decision, together with the failure to tell us anything, reflects a culture at the DWP of those most invested in universal credit not telling anyone, including their ministers, bad news.”

In its 2013 report “Universal Credit Early Progress“, the National Audit Office said,

“Both the Major Projects Authority [now the Infrastructure and Projects Authority] and a supplier-led review in mid-2012 identified problems with staff culture; including a ‘fortress mentality’ within the programme.

“The latter also reported there was a culture of ‘good news’ reporting that limited open discussion of risks and stifled challenge.”

BBC Radio 4’s Today programme heard this morning (18 October 2017) that a Universal Credit claimant who’d been the victim of “mistake after mistake” on his claim had threatened to take his own life and police had been called.

Update:

Gauke and Couling told the work and pensions committee this morning that the rollout may be paused in January 2018 as part of the department’s test and learn philosophy. They called it a “fire-break. Couling said the rollout was paused in February 2016 for two months and “nobody noticed”.

He added that he was prepared to advise his minister, the Treasury and the prime minister to pause the rollout whenever the “evidence merits”..

Gauke said the advantages of the Universal Credit system were of such a “prize” that there was cost of slowing down the rollout. “It can transform lives and it’s my determination is to deliver this successfully,” said Gauke.

Gauke and Couling told MPs that the rollout was working successfully. Neither expressed any criticisms of the programme or the rollout; and neither accepted the many criticisms of the committee’s MPs of the programme. At one point, Couling helpfully suggested to the committee some of the questions they “should” have been asking.

Where there were problems it was outside the DWP’s control – because of information supplied, or not supplied, by claimants or employers. The real-time information supplied to DWP by HM Revenue and Customs was only as good as the information provided to HMRC by employers.

Comment:

There’s universal support for the idea of Universal Credit. But there is almost universal criticism of the way it is being rolled out. Critics of the rollout also find it difficult to understand the DWP’s continuing refusal to accept that there are any serious problems.

For decades the DWP and its predecessor the Department of Social Security have been culturally unable to accept criticism of any of their big IT-based projects and programmes, even after a project was aborted.

One DWP director last year used the word “paranoid” when referring to her colleagues and their concerns about leaks of any bad news on the Universal Credit programme.

The DWP routinely declines FOI requests to publish its performance reviews on the Universal Credit programme. This lack of official information on the DWP’s performance leaves officials and ministers free to say that criticism of the programme is subjective or anecdotal.

Stephen Crabb was one of the few politicians who have ever made a difference to the DWP’s closed culture of secrecy and defensiveness. He ordered that internal reports on the risks and progress of the Universal Credit programme be released, against the advice of his civil servants. But Crabb didn’t stay long.

And the “good news” culture has returned, as unremitting as ever. Will any minister or civil servant be able to change the DWP’s “good news” culture?

Probably not.

The DWP’s permanent secretary Robert Devereux is retiring in January 2018, which will open the door to a successor who could try and change the department’s defensive culture.

It’s more likely, however, that Devereux’s replacement will be chosen on the basis that he or she will be a “safe pair of hands” which, in civil service terms, means a staunch defender of the department, its performance, all it is doing and the civil service in general.

However many independent voices call for a brake on the Universal Credit rollout, it seems inevitable that the DWP’s mandarins (and their pliant ministers) will carry on doing whatever they can justify to themselves.

The DWP hasn’t let humility or democratic openness get in the way before. Why would it give in to them now?

“It is working,” said Work and Pensions secretary David Gauke in Manchester yesterday. He was referring to a plan to accelerate the rollout of Universal Credit from this month.

“I can confirm that the rollout will continue, and to the planned timetable,” he added.

But are civil servants giving Gauke – and each other – full and unexpurgated briefings on the state of the Universal Credit programme?

Last year, in a high-level DWP document that government lawyers asked a judge not to release for publication, a DWP director referred to

“a lack of candour and honesty throughout the [Universal Credit] programme.”

Senior civil servants were not passing bad news on the state of the Universal Credit IT programme even to each other.

The DWP document was dated several years after Iain Duncan-Smith, the original force behind the introduction of Universal Credit, found his internal DWP briefings on the state of the UC programme so inadequate – a “good news” culture prevailed – that he brought in his own external advisers – what he called his “red team”.

In 2013 the National Audit Office, in a report on Universal Credit, said a “good news” mentality within the DWP prevented problems being discussed.

If problems could not be discussed they could not be addressed.

Last year the Institute for Government, in a report on Universal Credit, said IT employees at the DWP’s Warrington offices burst into tears with relief when at last permitted – by external advisers – to talk openly about problems on the programme.

The Work and Pensions Committee has questioned why DWP ministers told MPs all was going well with the programme when it was well behind schedule and beset with problems.

The Public Accounts Committee called the DWP “evasive and selective” when it came to passing on information about the state of the Universal Credit programme.

Is there any reason to believe that the “fortress mentality” that the NAO referred to in its report on Universal Credit in 2013 is no longer present?

When David Gauke announced yesterday that he is continuing the rollout of Universal Credit, was he basing his decision on the full facts – or a “good news” version of it as told to him by the DWP?

Comment

David Gauke will have been given the “new minister” treatment when he joined the DWP on 11 June 2017.

“The first thing you’ve got to overcome when you walk through the door is that everybody is being almost far too nice to you,” said one of Gauke’s predecessors, Iain Duncan Smith. He was speaking in 2016 after leaving the DWP.

IDS was much criticised for assuring Parliament all was well with the Universal Credit IT programme when it wasn’t. But maybe he was right to point out that, when he joined the DWP, he found that the “biggest cultural barrier” was getting civil servants to be honest about difficulties.

“The Civil Service, legitimately, see it as their role to deliver on politicians’ policy demands and this can sometimes make them resistant to the idea that they should inform you early of problems,” said IDS.

It was IDS who told BBC’s Radio 4 Today programme in December 2013, that Universal Credit was on track.

“It’s on budget. It’s on budget. Some 6.5million people will be on the system by the end of 2017.”

In fact, fewer than 700,000 people are claiming Universal Credit, according to the latest DWP statistics.

DWP’s 30 years of a “good news” culture

In the past 30 years, it has been almost unknown for the DWP’s mandarins to concede that they have had serious problems with any of their major IT-based projects and programmes.

Perhaps it’s understandable, then, that Gauke apparently refuses to listen to critics and continues with the accelerated rollout of Universal Credit.

Would he have any idea that the Citizens Advice Bureau, in a carefully-researched report this year, said that some claimants are on the DWP’s “live service” (managed by large IT suppliers) which is “rarely updated” while other claimants are on a separate “full service” – what the CAB calls a “test and learn” system – which is still being designed?

Would Gauke know of the specific concerns of the all-party Work and Pensions Committee which wrote to the DWP earlier this year about Universal Credit decision makers being “overly reliant on information from [HMRC’s] Real-time information” even when there is “compelling evidence” that this data is incorrect?

Would Gauke have any reason to believe those who refer to regular computer breakdowns and inaccurate and inconsistent data?

In the DWP’s own document that it did not want published, the DWP director said that, internally, “people stopped sharing comments which could be interpreted as criticism of the Programme, even when those comments would be useful as part of something like an MPA [Major Projects Authority] review.”

Many staff believed the official line was ‘everything is fine’. Nobody wanted to be seen to contradict it.

All this suggests that the DWP will carry on much as before, regardless of external criticism. Individual ministers are accountable but they move on. Their jobs are temporary. It’s the permanent civil service that really matters when it comes to the implementation of Universal Credit.

But mandarins are neither elected nor effectively accountable.

NHS IT programme?

There may be some comparisons between Universal Credit and the NHS IT programme, the £10bn NPfIT.

A plethora of independent organisations and individuals expressed concerns about the NPfIT but minister after minister dismissed criticisms and continued the rollout. The NPfIT was dismantled many years later, in 2011. Billions was wasted.

Based on their civil service briefings, NPfIT ministers had no reason to believe the programme’s critics.

Universal Credit has more support than the NPfIT and the IT is generally welcomed, not shunned. But the Universal Credit rollout is clearly not in a position yet to be speeded up.

Whether Gauke will recognise this before his time is up at the DWP is another matter.

Like IDS, Stephen Crabb and Damian Green – all secretaries of state during the rollout of Universal Credit – Gauke will move on and his successor will get the “new minister” treatment.

Successful cyber attacks on parts of the NHS and some councils and universities have not been reported to the police – even where criminals have locked information and demanded ransom payments, an investigation by The Yorkshire Post found.

The National Crime Agency, which is the UK’s lead agency against organised crime, human, weapon and drug trafficking and cyber crime, has said that “under-reporting of cyber crime remains a key barrier to our understanding of its true scale and cost”.

Its comments were aimed at the directors in the private sector. But it’s clear that the public sector is not setting an example.

The Yorkshire Post says that the Mid Yorkshire Hospitals NHS Trust had two ransomware attacks last year in which data was encrypted on some departmental drives with demands for payment made to unlock it. While no payment was made and the information recovered from back-up systems, neither incident was reported to police.

Barnsley Council had 13 successful ransomware attacks since April 2016 and none was reported to the police. No ransoms were paid, data was restored from back-up systems and accounts were disabled and changed to “render any captured credentials of little use”.

Three of Yorkshire’s universities had almost 300 successful attacks in the last three years. None was reported to police.

The University of York had 237 incidents which included nine distributed denial of service attacks and a further seven incidents in which servers were “compromised” by hackers.

A spokesman for the university said: “We did not consider that any incident caused sufficient loss, either monetary or of data, to justify reporting to the police.”

The University of Huddersfield had 54 successful attempts and nothing was reported to the police “due to low level impact”.

Ensuring the buck stops nowhere?

In a National Audit Office blog, the NAO’s cyber director Tom McDonald and digital transformation specialists Yvonne Gallagher (who’s a former CIO in two government departments) and Max Tse pointed to a lack of accountability in the public sector for deterring cyber attacks and managing the risks.

In health, for example, the Department of Health’s delegates to NHS England, which funds over 200 local clinical commissioning groups to purchase care from local health trusts.

Social care is the responsibility of the larger local authorities who are accountable to their local electors.

NHS Digital has some overview of data and IT systems for the health and social care sectors (through its management of national NHS IT systems, such as the NHS Spine or N3 Network) and it has a dedicated Data Security Centre, but it has no authority over councils and trusts to ensure even simple security measures are implemented locally, such as software updates and patches.

The National Audit Office found that, across government, “there has been little coherence between the several lines of governance and senior oversight of cyber and information security”.

It added,

“A number of organisations and a plethora of working-level groups have been involved in cyber security and supporting digital transformation across government. The government itself has described these arrangements as an ‘alphabet soup’.”

There’s also a shortage of IT security skills in the public sector, which is exacerbated by the high number of so-called “transformation” projects and programmes and a reliance on legacy systems such as Windows XP which proved vulnerable in the WannaCry attack, said the National Audit Office.

Comment

The government could make it mandatory for Whitehall, councils, the NHS and other parts of the public sector – including the police – to report incidents to the National Crime Agency.

It’s unlikely to happen though.

There’s a woeful lack of reporting and accountability in the public sector on IT-related matters. WannaCry and hundreds of other “successful” incidents in public sector in the past year will not make any difference.

That the public sector will work to reduce the ill effects of cyber attacks is a given. It’s also inevitable that it’ll work hard at ensuring, in line with culture and convention, that, when there are “successful” incidents, the buck stops nowhere.

“The government is also committed to transparency, and to being responsive and accountable to the public we serve.

“Accordingly, we have collected and published this data consistently over the past five years, enabling us to track the progress of projects on the GMPP [Government Major Projects Portfolio] over time.

“We will continue to be responsive and accountable to the public.”

But the report says nothing about the current state of major IT projects. The delivery confidence assessments are dated September 2016. They are 10 months out of date.

This is because senior civil servants – some of whom may be the “dinosaurs” that former minister Francis Maude referred to last month – have refused to allow politicians to publish the red/amber/gtreen status of major projects (including the Universal Credit programme and the smart meters rollout) unless the information, when published, is at least six months old.

[Perhaps one reason is to give departmental and agency press officers an opportunity to respond to journalists’ questions by saying that the red, red/amber of amber status of a particular major project is out of date.]

In September 2016 the Universal Credit programme was at amber but we don’t know why. Neither the IPA or the Department for Work and Pensions mention any of the “issues”.

The £11bn smart meters rollout is also at amber and again we don’t know why. Neither the IPA nor the Department for Business, Energy and Industrial Strategy mention any of the “issues”. Permanent secretaries are allowed to keep under wraps the IPA’s reasons for the red/amber/green assessments.

Even FOI requests for basic project information have been refused. Computer Weekly said,

“Costs for the Verify programme were also withheld from the IPA report, again citing exemptions under FOI.”

Comment

The senior civil servants who, in practice, set the rules for what the Infrastructure and Projects Authority can and cannot publish on major government projects and programmes are likely to be the “dinosaurs” that former Cabinet Office minister Francis Maude referred to last month.

Maude said that Whtehall reforms require that new ministers “face down the obstruction and prevarication from the self-interested dinosaur tendency in the mandarinate.”

Clearly that hasn’t happened yet.

The real information about Universal Credit’s progress and problems will come not from the Infrastructure and Projects Authority – or the Department for Work and Pensions – but from local authoritities, housing associations, landlord organistions, charities and consumer groups such the Citizen’s Advice Bureau (which has called for Universal Credit to be halted), the local press, the National Audit Office and Parliamentary committees such as the Public Accounts Committee and Work and Pensions Committee.

Much of this “real” information will almost certainly be denied by Whitehall press officers. They’ll be briefed by senior officials to give business journalists only selected “good news” facts on a project’s progress and costs.

All of this means that the Infrastructure and Projects Authority may have good advice for departments and agencies on how to avoid project failures – and its tact and deference will be welcomed by permanent secretaries – but it’s likely the IPA will be all but useless in providing early warnings to Parliament and the public of incipient project disasters.

Ministers and some senior civil servants talk regularly about the government’s commitment to openness and accountability. When it will start applying to major government IT projects?

The Register has an excellent piece by Kat Hall on how the Cabinet Office is losing its grip on Government departments.

Citing the annual report of the all-party Public Accounts Committee, Hall says there are issues where “departments repeatedly don’t do what they have been told or asked to do by the centre”.

An analysis by The Register found that

“government departments are winning significantly more exemptions to splash the cash on expensive IT projects since the departure of former Cabinet Office minister Francis “Mad Frankie” Maude last year”.

Chair of the Public Accounts Committee Meg Hillier said: “After my second year as Chair I am increasingly concerned about the long-term accountability of senior civil servants.

“The game of musical chairs starts as one Permanent Secretary moves on and they all change jobs in the system. And few are in post long enough to have a vested interest in the long-term aims of their department or a project.

“And there is the age-old tension between a department and central Whitehall through the Cabinet Office.”

Universal Credit and HMRC’s plans to overhaul its Aspire IT contract – the biggest in Europe – were outlined as being two areas of concern. As was the Home Office’s Emergency Services Network.

“The Home Office seemed to downplay the risks to the contract and its being caught unawares by the contractor does not reassure us that the Department is on top of the contract or this project. This could cost the taxpayer dear,” it said.

Comment:

It’s hard to argue with a comment on Hall’s piece by @JagPatel3 who suggests that some in Whitehall are as preoccupied with spin as with the efficient delivery of public services.

“… Government is preoccupied with presentation, manipulation of words and the dark art of spinning – instead of working on its programme of reform to deliver public services efficiently, to satisfy the wants, needs and expectations of the electorate.

“The political imperative of needing to put a positive slant on everything the Government does or will do, irrespective of whether it is true or not, is the reason why spin has become the centrepiece of this Government’s communications strategy.

“And because Government has got a monopoly on inside information (enabling it to maintain extremely tight control), it uses spin to divert attention away from the key issues that really matter to citizens …

“the eagerness with which senior Civil Servants have complied with their political masters’ desire to see policy announcements framed around presentation and spin, at the expense of substance, would explain why their skills set has been narrowed down to this single, dark art.”

The commentator also says that the “intense focus of attention on presentation alone has resulted in a massive gap opening up between the leadership and lower ranks of the Civil Service, who have to deal with the reality of delivering public services on the ground, on a day-to-day basis, which has in itself, led to alienation and disaffection”.

A good summary. Many ordinary civil servants are doing the hard work of delivering public services while a few of their masters are preoccupied with keeping what they do secret and justifying or defending all else that is published in National Audit Office reports, other third-party reports or leaked emails.

It’s hardly surprising the Cabinet Office is losing control of departments. Since Maude’s departure it doesn’t want control. It has become clear that it wants, in a hassle-free way, to continue with Sir Humphrey’s non-integrated approach to government.

The Cabinet Office is just another Whitehall department. Why would it want to be an “enforcer?”